PT-2026-45248

A vulnerability was detected in unitedbyai droidclaw up to 0.5.3. The affected element is an unknown function of the file server/src/routes/pairing.ts of the component claim Endpoint. The manipulation results in improper restriction of excessive authentication attempts. The attack may be launched...

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force due to improper enforcement of authentication lockout in the login process. An attacker can gain unauthorized access to accounts protected by two-factor authentication by repeatedly submitting incorrect TOTP codes without...

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force due to improper enforcement of authentication lockout in the login process. An attacker can gain unauthorized access to accounts protected by two-factor authentication by repeatedly submitting incorrect TOTP codes without...

Wildfly Elytron integration susceptible to brute force attacks via CLI

Impact A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. Patches The default behaviour has been changed in...